c1ab766e9ed55e37926362034ecfc3ed[.]bin | Triage

Sharing

General

Target

c1ab766e9ed55e37926362034ecfc3ed.bin
Size

121KB
MD5

ad34f8dd606030d8b229ba06a01c76e7
SHA1

82a9d54e13c41f46841fac2098d35e061658204b
SHA256

7ed1a2c2702691f06f7df658bcfcd9e98f2d62def3379b979b27ec3a3dcbd6bd
SHA512

a73a70ce5062f3872d3e286adf78772346c4bb38e57d697c5495cd3e0be0ce5daefe3f7532479ad35353d2a78890105456d3ad7ad8768bfd8261a850414edca8
SSDEEP

3072:GF6rmSKjQj2vUL4iSDMEChJbf9nnJj0VWjxdDp0FJu:GAiHjGsM7nJj0VkbDQ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/368e5c2f34fb3cbbd99ea69d08b16f8e9fd6ae3aee0e95e8c6c96c3f96ff1b70.exe

Files

c1ab766e9ed55e37926362034ecfc3ed.bin
.zip

Password: infected
368e5c2f34fb3cbbd99ea69d08b16f8e9fd6ae3aee0e95e8c6c96c3f96ff1b70.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ